<?php
ifi!$_GET['cmd']) {
	if(!perms_check('menu', 'edit') and !perms_check('menu', 'del')) {
		redirect('index.php?module=error&error=auth_error');
		exit;
	}

	//sort
	if(!$_GET['sort'])
		$_GET['sort']='ASC';
	if(!$_GET['sortby'])
		$_GET['sortby']='y';
	if($_GET['sort']=='ASC')
		$sortnext='DESC';
	else
		$sortnext='ASC';
	//

	$db = new dbquery;

	//menu left
	$db->query("SELECT * FROM $conf[prefix]menu WHERE x!='admin' && x='left' ORDER by $_GET[sortby] $_GET[sort]") or $db->err(__FILE__, __LINE__);

	$left = read_file('admin/themes/menu_header.php');

	$i=0;

	while($d=$db->fetch_object()) {
		$i++;

		if($i>2)
			$i=1;

		$cnt = "content_$_SESSION[lang_short]";
		$tlt = "title_$_SESSION[lang_short]";

		if($d->$cnt == '' or $d->$tlt == '') {
			$cnt = "content_$conf[language]";
			$tlt = "title_$conf[language]";
		}

		$d->$cnt = strip_exbcode(read_text_rest($d->$cnt));
		$d->$cnt = str_replace("<","&amp;lt;", $d->$cnt);
		$d->$cnt = str_replace(">","&amp;gt;", $d->$cnt);

		if(strlen($d->$cnt) > 50)
			$cnt = substr($d->$cnt, 0, 50).'[...]';
		else
			$cnt = $d->$cnt;

		$left .= string_template(read_file('admin/themes/menu_item.php'), array("title" => $d->$tlt, "content" => $cnt, "status" => $d->status, "y" => $d->y, "id" => $d->id, "x" => $d->x, "i" => $i, "sortnext"=>$sortnext));
	}

	$left .=  read_file('admin/themes/menu_footer.php');

	$content=string_template(read_file('middle.php'), array('theme_path' => $GLOBALS['theme_path'], 'content' => $left, 'description' => 'Menu Left:'));
	//end menu_left

	//menu right
	$db->query("SELECT * FROM $conf[prefix]menu WHERE x!='admin' && x='right' ORDER by $_GET[sortby] $_GET[sort]")  or $db->err(__FILE__, __LINE__);

	$right = read_file('admin/themes/menu_header.php');

	$i=0;

	while($d=$db->fetch_object()) {
		$i++;

		if($i>2)
			$i=1;

		$cnt = "content_$_SESSION[lang_short]";
		$tlt = "title_$_SESSION[lang_short]";

		if($d->$cnt == '' or $d->$tlt == '') {
			$cnt = "content_$conf[language]";
			$tlt = "title_$conf[language]";
		}

		$d->$cnt = strip_exbcode(read_text_rest($d->$cnt));
		$d->$cnt = str_replace("<","&amp;lt;", $d->$cnt);
		$d->$cnt = str_replace(">","&amp;gt;", $d->$cnt);

		if(strlen($d->$cnt) > 50)
			$cnt = substr($d->$cnt, 0, 50).'[...]';
		else
			$cnt = $d->$cnt;

		$right .= string_template(read_file('admin/themes/menu_item.php'), array("title" => $d->$tlt, "content" => $cnt, "status" => $d->status, "y" => $d->y, "id" => $d->id, "x" => $d->x, "i" => $i));
	}

	$right .= read_file('admin/themes/menu_footer.php');

	$content .= '<br />'.string_template(read_file('middle.php'), array('theme_path' => $GLOBALS['theme_path'], 'content' => $right, 'description' => 'Menu Right:'));
	//

	//menu_top
	$db->query("SELECT * FROM $conf[prefix]menu WHERE x!='admin' && x='top' ORDER by $_GET[sortby] $_GET[sort]") or $db->err(__FILE__, __LINE__);

	$top = read_file('admin/themes/menu_header.php');

	$i=0;
	while($d=$db->fetch_object()) {
		$i++;

		if($i>2)
			$i=1;

		$cnt = "content_$_SESSION[lang_short]";
		$tlt = "title_$_SESSION[lang_short]";

		if($d->$cnt == '' or $d->$tlt == '') {
			$cnt = "content_$conf[language]";
			$tlt = "title_$conf[language]";
		}

		$d->$cnt = strip_exbcode(read_text_rest($d->$cnt));
		$d->$cnt = str_replace("<","&amp;lt;", $d->$cnt);
		$d->$cnt = str_replace(">","&amp;gt;", $d->$cnt);

		if(strlen($d->$cnt) > 100)
			$cnt = substr($d->$cnt, 0, 100).'[...]';
		else
			$cnt = $d->$cnt;

		$top .= string_template(read_file('admin/themes/menu_item.php'), array("title" => $d->$tlt, "content" => $cnt, "status" => $d->status, "y" => $d->y, "id" => $d->id, "x" => $d->x, "i" => $i));
	}

	$top .= read_file('admin/themes/menu_footer.php');

	$content.='<br />'.string_template(read_file('middle.php'), array('theme_path' => $GLOBALS['theme_path'], 'content' => $top, 'description' => 'Menu Top:'));
	//

	//menu_admin
	$db->query("SELECT * FROM $conf[prefix]menu WHERE x='admin' ORDER by $_GET[sortby] $_GET[sort]") or $db->err(__FILE__, __LINE__);

	$admin = read_file('admin/themes/menu_header.php');

	$i=0;

	while($d=$db->fetch_object()) {
		$i++;

		if($i>2)
			$i=1;

		$cnt = "content_$_SESSION[lang_short]";
		$tlt = "title_$_SESSION[lang_short]";

		if($d->$cnt == '' or $d->$tlt == '') {
			$cnt = "content_$conf[language]";
			$tlt = "title_$conf[language]";
		}

		$d->$cnt = strip_exbcode(read_text_rest($d->$cnt));
		$d->$cnt = str_replace("<","&amp;lt;", $d->$cnt);
		$d->$cnt = str_replace(">","&amp;gt;", $d->$cnt);

		if(strlen($d->$cnt) > 50)
			$cnt = substr($d->$cnt, 0, 50).'[...]';
		else
			$cnt = $d->$cnt;

		$admin .= string_template(read_file('admin/themes/menu_item.php'), array("title" => $d->$tlt, "content" => $cnt, "status" => $d->status, "y" => $d->y, "id" => $d->id, "x" => $d->x, "i" => $i));
	}

	$admin .= read_file('admin/themes/menu_footer.php');

	$content.='<br />'.string_template(read_file('middle.php'), array('theme_path' => $GLOBALS['theme_path'], 'content' => $admin, 'description' => 'Menu Admin:'));
	//
}
elseif($_GET['cmd']=='edit') {
	if(!perms_check('menu', 'edit')) {
		redirect('index.php?module=error&error=auth_error');
		exit;
	}

	$db = new dbquery;
	$db->query("SELECT * FROM $conf[prefix]menu WHERE id='$_GET[id]'") or $db->err(__FILE__, __LINE__);

	$d=$db->fetch_object();

	//x_radio_select
	$db->query("SELECT * FROM $conf[prefix]menu WHERE x='left' && id!='$d->id' ORDER by y") or $db->err(__FILE__, __LINE__);

	//left
	if($d->x=='left')
		$checked='CHECKED';
	else
		$checked='';
	$x_radio_select='<TABLE CELLSPACING="0" CELLPADDING="0" BORDER="0"><TR><TD WIDTH="70"><INPUT TYPE="radio" NAME="x" VALUE="left" CLASS="radio" '.$checked.'>&amp;nbsp;left</TD><TD><SELECT NAME="before_left" CLASS="button"><OPTION VALUE="none">---- '.$lang['admin_move_down'].' ----</OPTION>';

	while($b=$db->fetch_object()) {
		$tlt = "title_$_SESSION[lang_short]";
		if($b->$tlt == '')
			$tlt = "title_$conf[language]";

		if($checked=='CHECKED' && $b->y-1==$d->y)
			$selected='SELECTED';
		else
			$selected='';
		$x_radio_select.='<OPTION VALUE="'.$b->y.'" '.$selected.'>'.$lang['admin_before'].' '.read_text_rest($b->$tlt).'</OPTION>';
	}
	$x_radio_select.='</SELECT></TD></TR></TABLE>
		';
	//

	$db->query("SELECT * FROM $conf[prefix]menu WHERE x='right' && id!='$d->id' ORDER by y") or $db->err(__FILE__, __LINE__);

	//right
	if($d->x=='right')
		$checked='CHECKED';
	else
		$checked='';
	$x_radio_select.='<TABLE CELLSPACING="0" CELLPADDING="0" BORDER="0"><TR><TD WIDTH="70"><INPUT TYPE="radio" NAME="x" VALUE="right" CLASS="radio" '.$checked.'>&amp;nbsp;right</TD><TD><SELECT NAME="before_right" CLASS="button"><OPTION VALUE="none">---- '.$lang['admin_move_down'].' ----</OPTION>';

	while($b=$db->fetch_object()) {
		$tlt = "title_$_SESSION[lang_short]";
		if($b->$tlt == '')
			$tlt = "title_$conf[language]";
		if($checked=='CHECKED' && $b->y-1==$d->y)
			$selected='SELECTED';
		else
			$selected='';
		$x_radio_select.='<OPTION VALUE="'.$b->y.'" '.$selected.'>'.$lang['admin_before'].' '.read_text_rest($b->$tlt).'</OPTION>';
	}
	$x_radio_select.='</SELECT></TD></TR></TABLE>
		';
	//

	$db->query("SELECT * FROM $conf[prefix]menu WHERE x='top' && id!='$d->id' ORDER by y") or $db->err(__FILE__, __LINE__);

	//top
	if($d->x=='top')
		$checked='CHECKED';
	else
		$checked='';
	$x_radio_select.='<TABLE CELLSPACING="0" CELLPADDING="0" BORDER="0"><TR><TD WIDTH="70"><INPUT TYPE="radio" NAME="x" VALUE="top" CLASS="radio" '.$checked.'>&amp;nbsp;top</TD><TD><SELECT NAME="before_top" CLASS="button"><OPTION VALUE="none">---- '.$lang['admin_move_down'].' ----</OPTION>';

	while($b=$db->fetch_object()) {
		$tlt = "title_$_SESSION[lang_short]";
		if($b->$tlt == '')
			$tlt = "title_$conf[language]";
		if($checked=='CHECKED' && $b->y-1==$d->y)
			$selected='SELECTED';
		else
			$selected='';
		$x_radio_select.='<OPTION VALUE="'.$b->y.'" '.$selected.'>'.$lang['admin_before'].' '.read_text_rest($b->$tlt).'</OPTION>';
	}
	$x_radio_select.='</SELECT></TD></TR></TABLE>
		';
	//

	$db->query("SELECT * FROM $conf[prefix]menu WHERE x='admin' && id!='$d->id' ORDER by y") or $db->err(__FILE__, __LINE__);

	//admin
	if($d->x=='admin')
		$checked='CHECKED';
	else
		$checked='';
	$x_radio_select.='<TABLE CELLSPACING="0" CELLPADDING="0" BORDER="0"><TR><TD WIDTH="70"><INPUT TYPE="radio" NAME="x" VALUE="admin" CLASS="radio" '.$checked.'>&amp;nbsp;admin</TD><TD><SELECT NAME="before_admin" CLASS="button"><OPTION VALUE="none">---- '.$lang['admin_move_down'].' ----</OPTION>';

	while($b=$db->fetch_object()) {
		$tlt = "title_$_SESSION[lang_short]";
		if($b->$tlt == '')
			$tlt = "title_$conf[language]";
		if($checked=='CHECKED' && $b->y-1==$d->y)
			$selected='SELECTED';
		else
			$selected='';
		$x_radio_select.='<OPTION VALUE="'.$b->y.'" '.$selected.'>'.$lang['admin_before'].' '.read_text_rest($b->$tlt).'</OPTION>';
	}
	$x_radio_select.='</SELECT></TD></TR></TABLE>
		';
	//
	//

	if($d->status)
		$status='CHECKED';
	else
		$status='';

	//access options
	$simple_sel = NULL;
	$adv_sel = NULL;
	$groups_sel = NULL;

	if($d->access == -3) {
		$acc = 'groups';
		$groups_sel = ' checked';
	}
	elseif(is_numeric($d->access)) {
		$acc = 'std';
		$simple_sel = ' checked';
	}
	else {
		$acc = 'adv';
		$adv_sel = ' checked';
	}

	$all = NULL; $nlgd = NULL; $lgd = NULL; $rds = NULL;

	if($acc == 'std') {
		switch($d->access) {
			case -2:	$nlgd = ' SELECTED';
					break;
			case -1:	$all = ' SELECTED';
					break;
			case 0:		$lgd = ' SELECTED';
					break;
			case 1:		$rds = ' SELECTED';
					break;
		}
	}

	$access_options = '<OPTION value="-1"'.$all.'>'.$lang['admin_all_users'].'</OPTION>
		<OPTION value="-2"'.$nlgd.'>'.$lang['admin_not_logged_in_users'].'</OPTION>
		<OPTION value="0"'.$lgd.'>'.$lang['admin_logged_in_users'].'</OPTION>
		<OPTION value="1"'.$rds.'>'.$lang['groups_redactors'].'</OPTION>'; 
	//

	//adv options
	$options = NULL;
	$module = NULL;

	if($acc == 'adv') {
		$module = $d->access;
		$options = $d->perms;
	}

	//groups options
	$groups_options = NULL;
	$groups = explode(';', $d->perms);

	$db2 = new dbquery;

	$db2->query("SELECT * FROM $conf[prefix_groups]groups ORDER BY type ASC") or $db2->err(__FILE__, __LINE__);

	while($g = $db2->fetch_object()) {
		$nn = NULL;
		if($acc == 'groups') {
			for($i = 0; $i < count($groups); $i++) {
				if($groups[$i] == $g->id)
					$nn = ' selected'; 
			}
		}

		$name = groups_get_name_by_id($g->id);
		$groups_options .= "<option value=\"$g->id\" $nn>$name</option>\n";
	}
	//

	$array = array("function" => "menu_edit", "id" => $d->id, 'access_options'=>$access_options, 'groups_options' => $groups_options, 'simple_sel' => $simple_sel, 'adv_sel' => $adv_sel, 'groups_sel' => $groups_sel, 'acc_module' => $module, 'acc_perms' => $options, "status" => $status, "x_radio_select" => $x_radio_select);

	$multi = NULL;

	$langs = get_lang_list();
	$languages = get_languages_list();

	$i = 0;
	foreach($langs as $key => $l) {
		$i++;
		if($l==$_SESSION['lang_short']) {
			$icon = 'collapse';
			$style = 'block';
		}
		else {
			$icon = 'expand';
			$style = 'none';
		}

		$multi .= string_template(read_file('admin/themes/menu_form_multi.php'), array('lang' => $l, 'language' => strtoupper($l), 'icon' => $GLOBALS['theme_path'].$GLOBALS['theme_img'][$icon], 'style' => $style, 'i' => $i));
		$t = "title_$l";
		$array[$t] = read_text_menu_edit($d->$t);
		$t = "content_$l";
		$array[$t] = read_text_menu_edit($d->$t);
	}

	$content = string_template(read_file('admin/themes/menu_form.php'), array('multi' => $multi));
	$content = string_template($content, $array);
}
elseif($_GET['cmd']=='add') {
	if(!perms_check('menu', 'edit')) {
		redirect('index.php?module=error&error=auth_error');
		exit;
	}

	$db = new dbquery;

	//x_radio_select
	$db->query("SELECT * FROM $conf[prefix]menu WHERE x='left' && id!='$d->id' ORDER by y") or $db->err(__FILE__, __LINE__);


	//left
	$x_radio_select='<TABLE CELLSPACING="0" CELLPADDING="0" BORDER="0"><TR><TD WIDTH="70"><INPUT TYPE="radio" NAME="x" VALUE="left" CLASS="radio" CHECKED>&amp;nbsp;left</TD><TD><SELECT NAME="before_left" CLASS="button"><OPTION VALUE="none" SELECTED>---- '.$lang['admin_move_down'].' ----</OPTION>';

	while($b=$db->fetch_object()) {
		$tlt = "title_$_SESSION[lang_short]";
		if($b->$tlt == '')
			$tlt = "title_$conf[language]";
		$x_radio_select.='<OPTION VALUE="'.$b->y.'">'.$lang['admin_before'].' '.read_text_rest($b->$tlt).'</OPTION>';
	}
	$x_radio_select.='</SELECT></TD></TR></TABLE>';
	//

	$db->query("SELECT * FROM $conf[prefix]menu WHERE x='right' && id!='$d->id' ORDER by y") or $db->err(__FILE__, __LINE__);

	//right
	$x_radio_select.='<TABLE CELLSPACING="0" CELLPADDING="0" BORDER="0"><TR><TD WIDTH="70"><INPUT TYPE="radio" NAME="x" VALUE="right" CLASS="radio">&amp;nbsp;right</TD><TD><SELECT NAME="before_right" CLASS="button"><OPTION VALUE="none" SELECTED>---- '.$lang['admin_move_down'].' ----</OPTION>';

	while($b=$db->fetch_object()) {
		$tlt = "title_$_SESSION[lang_short]";
		if($b->$tlt == '')
			$tlt = "title_$conf[language]";
		$x_radio_select.='<OPTION VALUE="'.$b->y.'">'.$lang['admin_before'].' '.read_text_rest($b->$tlt).'</OPTION>';
	}
	$x_radio_select.='</SELECT></TD></TR></TABLE>';
	//

	$db->query("SELECT * FROM $conf[prefix]menu WHERE x='top' && id!='$d->id' ORDER by y") or $db->err(__FILE__, __LINE__);

	//top
	$x_radio_select.='<TABLE CELLSPACING="0" CELLPADDING="0" BORDER="0"><TR><TD WIDTH="70"><INPUT TYPE="radio" NAME="x" VALUE="top" CLASS="radio">&amp;nbsp;top</TD><TD><SELECT NAME="before_top" CLASS="button"><OPTION VALUE="none" SELECTED>---- '.$lang['admin_move_down'].' ----</OPTION>';

	while($b=$db->fetch_object()) {
		$tlt = "title_$_SESSION[lang_short]";
		if($b->$tlt == '')
			$tlt = "title_$conf[language]";
		$x_radio_select.='<OPTION VALUE="'.$b->y.'">'.$lang['admin_before'].' '.read_text_rest($b->$tlt).'</OPTION>';
	}
	$x_radio_select.='</SELECT></TD></TR></TABLE>';
	//

	$db->query("SELECT * FROM $conf[prefix]menu WHERE x='admin' && id!='$d->id' ORDER by y") or $db->err(__FILE__, __LINE__);

	//admin
	$x_radio_select.='<TABLE CELLSPACING="0" CELLPADDING="0" BORDER="0"><TR><TD WIDTH="70"><INPUT TYPE="radio" NAME="x" VALUE="admin" CLASS="radio">&amp;nbsp;admin</TD><TD><SELECT NAME="before_admin" CLASS="button"><OPTION VALUE="none" SELECTED>---- '.$lang['admin_move_down'].' ----</OPTION>';

	while($b=$db->fetch_object()) {
		$tlt = "title_$_SESSION[lang_short]";
		if($b->$tlt == '')
			$tlt = "title_$conf[language]";
		$x_radio_select.='<OPTION VALUE="'.$b->y.'">'.$lang['admin_before'].' '.read_text_rest($b->$tlt).'</OPTION>';
	}
	$x_radio_select.='</SELECT></TD></TR></TABLE>';
	//


	//access options
	$simple_sel = NULL;
	$adv_sel = NULL;
	$groups_sel = NULL;

	$access_options = '<OPTION value="-1">'.$lang['admin_all_users'].'</OPTION>
		<OPTION value="-2">'.$lang['admin_not_logged_in_users'].'</OPTION>
		<OPTION value="0">'.$lang['admin_logged_in_users'].'</OPTION>
		<OPTION value="1">'.$lang['groups_redactors'].'</OPTION>'; 
	//

	//groups options
	$db2 = new dbquery;
	$groups_options = NULL;

	$db2->query("SELECT * FROM $conf[prefix_groups]groups ORDER BY type ASC") or $db->err(__FILE__, __LINE__);

	while($g = $db2->fetch_object()) {
		$name = groups_get_name_by_id($g->id);
		$groups_options .= "<option value=\"$g->id\">$name</option>\n";
	}
	//
	/*
	   $content = string_template(read_file('admin/themes/menu_form.php'), array('x_radio_select' => $x_radio_select, "function" => "menu_add", "id" => "", "title" => "", "uk_title" => "", "content" => "", "uk_content" => "", "status" => "CHECKED", 'access_options'=>$access_options, 'groups_options' => $groups_options, 'simple_sel' => ' checked', 'adv_sel' => NULL, 'groups_sel' => NULL, 'acc_module' => NULL, 'acc_perms' => NULL));

	   $content = string_template(read_file('middle.php'), array('theme_path' => $GLOBALS['theme_path'], 'content' => $content, 'description' => 'Menu Add:'));
	 */
	$array = array('x_radio_select' => $x_radio_select, "function" => "menu_add", "id" => "", "status" => "CHECKED", 'access_options'=>$access_options, 'groups_options' => $groups_options, 'simple_sel' => ' checked', 'adv_sel' => NULL, 'groups_sel' => NULL, 'acc_module' => NULL, 'acc_perms' => NULL);

	$multi = NULL;

	$langs = get_lang_list();
	$languages = get_languages_list();

	$i = 0;

	foreach($langs as $key => $l) {
		$i++;
		if($l==$conf[language] or $l==$_SESSION['lang_short']) {
			$icon = 'collapse';
			$style = 'block';
		}
		else {
			$icon = 'expand';
			$style = 'none';
		}

		$multi .= string_template(read_file('admin/themes/menu_form_multi.php'), array('lang' => $l, 'language' => strtoupper($l), 'icon' => $GLOBALS['theme_path'].$GLOBALS['theme_img'][$icon], 'style' => $style, 'i' => $i));
		$array["title_$l"] = '';
		$array["content_$l"] = '';
	}

	$content = string_template(read_file('admin/themes/menu_form.php'), array('multi' => $multi));
	$content = string_template($content, $array);
}
elseif($_GET['cmd']=='really_delete') {
	if(!perms_check('menu', 'del')) {
		redirect('index.php?module=error&error=auth_error');
		exit;
	}

	$db = new dbquery;

	$db->query("SELECT * FROM $conf[prefix]menu WHERE id='$_GET[id]'") or $db->err(__FILE__, __LINE__);

	$d=$db->fetch_object();

	$tlt = "title_$_SESSION[lang_short]";

	if($d->$tlt == '') {
		$db2 = new dbquery;
		$db2->query("SELECT $conf[language] FROM $conf[prefix]lang WHERE name = 'lang'") or $db2->err(__FILE__, __LINE__);

		$lng = $db2->fetch_array();
		$lng = $lng[$conf[language]];

		$tlt = "title_$lng";
	}

	$yes='<input type="button" onClick="javascript:location.href=\'index.php?module=menu&function=menu_delete&amp;id='.$_GET['id'].'\'" value="'.$lang['yes'].'" class="button">';
	$no='<input type="button" onClick="javascript:location.href=\'index.php?module=admin&amp;action=menu\'" value="'.$lang['no'].'" class="button">';
	$content = string_template($lang['admin_really_delete'], array('what'=>stripslashes($d->$tlt), 'yes'=>$yes, 'no'=>$no));
}

if($_GET['cmd'])
$content=string_template(read_file('middle.php'), array('description' => 'Menu:', 'theme_path' => $GLOBALS['theme_path'], 'content'=>$content));
